Application No. 10/645,087 
Amendment "C" dated October 24, 2008 
Reply to Office Action mailed July 25, 2008 

AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the application: 

Listing of Claims: 

1 . (Currently Amended) In a computerized network environment including a client 
system, a network provider, and one or more devices that can be accessed locally or over a 
network, a method for providing the client system access to one or more of the devices through 
the network provider, the method comprising the following: 

an act of identifying one or more devices that can be accessed locally or over a 
network; 

an act of generating a target that identifies a set of the one or more devices, and 
that includes at least one corresponding device identifier, wherein the set of one or more 
devices is identified based on each of the devices having at least one common group of 
clients authorized to access the devices ; 

an act of associating client authorization information identified by the network 
provider with the target that identifies the set of the one or more devices , wh e r e in only 
clients associated with th e target can acc e ss th e d e vic e s id e ntifi e d by th e targ e t ; and 

an act of dynamically assigning the target to a port through a protocol- 
independent port driver at the network provider , such that only clients authorized by the 
associated client information are allowed to access the assigned port, thereby allowing 
only the clients access to the set of the one or more device through the target, wherein the 
assignment of the port is dependent upon load balancing of the network provider. 

2. (Previously Presented) The method as recited in claim 1, wherein the set of the 
one or more devices can be accessed locally through a local access protocol. 

3. (Previously Presented) The method as recited in claim 1, wherein the set of the 
one or more devices is a network device that can be accessed on a network through a network 
access protocol. 
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4. (Previously Presented) The method as recited in claim 1, wherein the act of 
identifying a set of one or more devices further includes an act of creating one or more devices 
that can be accessed over the network. 

5. (Previously Presented) The method as recited in claim 4, wherein the act of 
creating one or more devices includes an act of identifying at least one of a partition and file, 
wherein the at least one of a partition and file represents at least a portion of one of the one or 
more devices, and wherein the at least one of a partition and file can be configured by the 
network provider to provide the client modifiable access to the portion of the one of the one or 
more devices. 

6. (Original) The method as recited in claim 1, further comprising an act of 
providing client access to one or more of a port, a WWN, and a portal through the protocol- 
independent port driver, such that the protocol-independent port driver is accessed through one 
or more protocol-dependent mini-ports. 

7. (Original) The method as recited in claim 6, wherein the protocol-independent 
port driver and one or more protocol-dependent mini-port drivers are managed by the 
centralized service, and wherein the one or more protocol-dependent miniport drivers plug-in to 
the protocol-independent port driver. 

8. (Original) The method as recited in claim 7, wherein at least one of the one or 
more protocol-dependent miniport drivers communicates through one or more of an Ethernet, 
Token Ring, fiber channel, USB, or wireless protocol. 

9. (Original) The method as recited in claim 1, wherein the at least one device is a 
virtual SCSI device that can be accessed through an iSCSI protocol. 

10. (Original) The method as recited in claim 9, wherein the virtual SCSI device is a 
storage device, and the network comprises a storage area network. 
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11. (Original) The method as recited in claim 10, wherein the storage device is one or 
more of an internal or external magnetic storage medium, an optical storage medium, and a 
tape backup drive. 

12. (Original) The method as recited in claim 1, wherein the network provider 
manages one or more targets, one or more drivers, and authentication information for one or 
more clients through a centralized directory service. 

13. (Original) The method as recited in claim 12, wherein the network device 
identifier is identified by a target name and a LUN that has been assigned to the at least one 
device by the centralized directory service. 

14. (Previously Presented) The method as recited in claim 13, wherein the logical unit 
number refers to one or more of a device, a plug-and-play identifier for a device, a global 
unique identifier for a device, a device driver that interfaces with a device, and at least one of a 
partition and file that represents a portion of a device. 
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15. (Currently Amended) In a computerized network environment including a client 
system, a network provider, and one or more devices that can be accessed locally or over a 
network, a computer-readable storage media having stored thereon compute r program product 
comprising computer-executable instructions that when executed, cause a computing system to 
perform for p e rfor ming a method for providing the client system access to one or more of the 
devices over the through the network provider, the method comprising the following: 

an act of identifying a set of the one or more devices that can be accessed locally 
or over a network^-the-se t b e ing bas e d on a cli e nt id e ntity and con sisting of only devices 
to which the-ehenf-has b ee n assign e d and to which th e cli e nt is to be provided access; 

an act of generating a target that identifies the set of the one or more devices, and 
that includes at least one corresponding device identifier , wherein the set of one or more 
dev ices is identified based on each of the devices having at least one common group of 
clients authorized to access the devices ; 

an act of associating client authorization information identified by the network 
provider with the target that identifies the set of the one or more device ; and 

an act of dynamically assigning the target to a port through a protocol- 
independent port driver at the network provide r, such that only clients authorized by the 
associated client information are allowed to access the assigned port, thereby allowing 
only the clients access to the set of the one or more device through the target, wherein the 
assignment of the port is dependent upon load balancing of the network provider . 

16. (Currently Amended) The computer-readable storage media compute r program 
p roduct as recited in claim 15, wherein the set of the one or more devices can be accessed 
locally through a local access protocol. 

17. (Currently Amended) The computer-readable storage co mput e r program product 
as recited in claim 15, wherein the set of the one or more devices is a network device that can 
be accessed on a network. 
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18. (Currently Amended) The computer-readable storage media comput e r program 
product as recited in claim 15, wherein the act of identifying a set of one or more devices 
further includes an act of creating one or more devices that can be accessed over the network. 

19. (Currently Amended) The computer-readable storage media comput e r program 
product as recited in claim 18, wherein the act of creating one or more devices includes an act 
of identifying at least one of a partition and file, wherein the at least one of a partition and file 
represents at least a portion of one of the one or more devices, and wherein the at least one of a 
partition and file can be configured by the network provider to provide the client modifiable 
access to the portion of the one of the one or more devices. 

20. (Currently Amended) The computer-readable storage media comput e r pr ogram 
product as recited in claim 15, with the method caused by the execution of the computer- 
executable instructions further comprising an act of providing client access to one or more of a 
port, a WWN, and a portal through the protocol-independent port driver, such that the protocol- 
independent port driver is accessed through one or more protocol-dependent mini-ports. 

21. (Currently Amended) The computer-readable storage media computer program 
p roduct as recited in claim 20, wherein the protocol-independent port driver and one or more 
protocol-dependent mini-port drivers are managed by the centralized service, and wherein the 
one or more protocol-dependent miniport drivers plug-in to the protocol-independent port 
driver. 

22. (Currently Amended) The computer-readable storage media comput e r program 
p roduct as recited in claim 21, wherein at least one of the one or more miniport drivers 
communicates through one or more of an Ethernet, Token Ring, fiber channel, USB, or 
wireless protocol. 

23. (Currently Amended) The computer-readable storage media comput e r program 
product as recited in claim 15, wherein the at least one device is a virtual SCSI device that can 
be accessed through an iSCSI protocol. 
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24. (Currently Amended) The computer-readable storage media comput e r program 
product as recited in claim 23, wherein the virtual SCSI device is a storage device, and the 
network comprises a storage area network. 

25. (Currently Amended) The computer-readable storage media comput e r program 
p roduct as recited in claim 24, wherein the storage device is one or more of an internal or 
external magnetic storage medium, an optical storage medium, and a tape backup drive. 

26. (Currently Amended) The computer-readable storage media comput e r program 
product as recited in claim 15, wherein the network provider manages one or more targets, one 
or more drivers, and authentication information for one or more clients through a centralized 
directory service. 

27. (Currently Amended) The computer-readable storage media comput e r program 
prodttet-as recited in claim 26, wherein the device identifier is identified by a target name and a 
LUN that has been assigned to the at least one device by the centralized directory service. 

28. (Currently Amended) The computer-readable storage media comput e r program 
product as recited in claim 27, wherein the LUN is assigned to one or more of a device 
identifier, a plug-and-play identifier for a device, a global unique identifier for a device; a 
device driver that interfaces with a device; and at least one of a partition and file that represents 
a portion of a device. 
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29. (Currently Amended) In a computerized network environment including a client 
system, a network provider, and one or more devices that can be accessed locally or over a 
network, a method for providing the client system access to one or more of the devices over the 
through the network provider, the method comprising the following: 

an act of identifying a set of the one or more partitions or files representing 
portions of devices that can be accessed locally or over a network, the set being based on 
one or more partitions or files having commonly authorized client access a-ehen^4dentity 
and consisting of only d e vic e s partitions or files to which the client has been assigned and 
to which the client is to be provided access; 

an act of generating a target that identifies the set of the one or more partitions or 
files d e vic e s , and that includes at least one corresponding device identifier , wherein the 
set of one or more devices is identified based on each of the devices having at least one 
common group of clients authorized to access the devices ; 

an act of associating client authorization information identified by the network 
provider with the target that identifies the set of the one or more partitions or files d e vic e s ; 
and 

a step for dynamically exposing the set of the one or more partitions or files 
deviees-to the client through a specific one of a dynamically assigned network port, a 
WWN, and a portal, such that the client can access the set of the one or more partitions or 
files device-identified by the target when the client has access to the specific one of a 
dynamically assigned network port, a WWN, and portal, and when the client presents the 
associated client authorization to the network provider. 

30. (Previously Presented) The method as recited in claim 29, wherein the step for 
exposing the set of the one or more devices to the client through a specific one of a network 
port, a WWN, and a portal comprises: 

an act of assigning the target to a port through a protocol-independent port driver 
at the network provider; and 

an act of providing client access to the specific one of a port, a WWN, and a 
portal through the protocol-independent port driver, such that the protocol-independent 
port driver is accessed through one or more protocol-dependent mini-ports. 
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31. (Original) The method as recited in claim 30, wherein the client is provided 
access to the specific one of a port, a WWN, and a portal by virtue of being authenticated at 
one or more of a local centralized service provider, and a remote authentication database. 
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32. (Currently Amended) In a computerized environment including a client computer 
and a storage service provider on a storage area network, the storage service provider 
comprising one or more storage devices, a method of providing the client computer with access 
to one or more of the storage devices on the storage service provider through an iSCSI 
protocol, the method comprising the following: 

an act of identifying one or more device identifiers corresponding to one or more 
partitions or files representing storage devices on a storage service provider , wherein the 
partitions or files allow access to portions of the storage devices and enable a first device 
type to emulate a second device type device type , wh e r e in at l eas4>ene of th e-ene or more 
storage-devices-are r e pr e s e nt e d by at least on e of a partition and a fil e , wh erein— the 
partition and file-each allow indir e ct acc e ss to th e storag e d e vic e ; 

an act of receiving from a centralized directory service a modifiable client 
resource that identifies client authorization to access the storage device, and a portion of 
the storage device that the client can access , wherein the centralized directory maintains 
authentication information for the client, and at least one of a work group identity, 
network location, and physical location, and further maintains configuration information 
defining how the client accesses a partition or file representing a storage device ; 

an act of creating a target containing one or more logical unit numbers that have 
been assigned to the identified device identifiers, the target consisting of only logical 
units numbers to which the client has been assigned and to which the client is to be 
provided access, wherein access to the target is provided according to the modifiable 
client resource; and 

an act of providing the client computer access to the file or partition representing 
the storage device identified by the target storag e d e vic e through a client-restricted port 
on the storage service provider , wherein the client-restricted port is dynamically assigned 
by the centralized directory service based on storage service provider load balancing and 
fai lover protection, such that if the client has knowledge of and access to the client- 
restricted port, the client can access the storage device by providing the storage service 
provider with client authorization and a Uniform Resource Locater including the 
dynamically assigned port number. 
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33. (Original) The method as recited in claim 32, wherein centralized directory 
service receives client access information from at least one of a local and remote database. 

34. (Cancelled) 

35. (Original) The method as recited in claim 32, wherein the client-restricted port is 
managed by the centralized service and a protocol-independent port driver that receives 
network traffic through one or more protocol-dependent mini-port drivers. 

36. (Original) The method as recited in claim 35, wherein the one or more protocol- 
dependent mini-port drivers are plug-ins to the protocol-independent port driver. 

37. (Original) The method as recited in claim 36, wherein at least one of the one or 
more mini-port drivers communicates through one or more of an Ethernet, Token Ring, USB, 
fiber channel, or wireless connection protocol. 
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